[Seaside] Re: passing through to a new session

Yanni Chiu yanni at rogers.com
Fri Aug 13 02:54:23 CEST 2004


Avi Bryant wrote:
> 
> On Aug 12, 2004, at 3:42 AM, Kamil Kukura wrote:
> 
> > Now there's one inconvenience: if user goes away from the computer
> > after logout and then he returns back after 1-2 hours when session is
> > too old, he/she will put there [on login form] name and password and
> > "session expired" page will appear. Is it possible to solve this in
> > some elegant way?
> 
> That's a very good question.  I don't think there's anything elegant
> right now - the only thing you could do is change the Session Expiry
> Seconds configuration so that the whole app had a very long expiry
> time.

How about something like:

Session expired means the session is no longer usable.
What's needed is an authentication expired state, with
an expiry time that's shorter than the session expiry.
A session in this state would put up the login form
and on successful re-authentication, would go back
into an active session state.

--yanni


More information about the Seaside mailing list